Error: unable to build authorizer for Resource Manager API: could not configure AzureCli Authorizer: the provided subscription ID <omitted> is not known by Azure CLI

[ericgarff]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

v1.9.5

AzureRM Provider Version

4.2.0

Affected Resource(s)/Data Source(s)

provider

Terraform Configuration Files

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.31.0"
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 4.2.0"
    }
  }
  required_version = "~> 1.3"
}

provider "azurerm" {
  features {}

  subscription_id = "omitted"
  tenant_id       = "omitted"
  client_id       = "omitted"
  client_secret   = data.aws_s3_object.<omitted>.body
}

provider "aws" {
  region = "us-west-2"
}

Debug Output/Panic Output

12:49 $ terraform plan
data.aws_s3_object.kasten_az_sa: Reading...
data.aws_s3_object.kasten_az_sa: Read complete after 0s [id=super-secret-kasten-io/k10-azure-veeam-sa.key]

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: unable to build authorizer for Resource Manager API: could not configure AzureCli Authorizer: the provided subscription ID "omitted" is not known by Azure CLI
│
│   with provider["registry.terraform.io/hashicorp/azurerm"],
│   on _providers.tf line 15, in provider "azurerm":
│   15: provider "azurerm" {

Expected Behaviour

AzureCli authorizer works.

Actual Behaviour

See Output above

Steps to Reproduce

1. terraform plan

Important Factoids

I have validated the subscription ID, tenant ID, client ID, and client secret. This was working previously using azurerm provider 3.85.0, but that gets a different error about token validity

References

No response

[ericgarff]

I have validated the client secret above by logging into az cli.

[ms-henglu]

Hi @ericgarff ,

Thank you for taking time to report this issue.

According to the error message, the subscription id specified in the azurerm provider block could not be found in the az account list --output table results. Please confirm whether the correct subscription ID is specified or az cli is logged in the correct account.

[ericgarff]

Thank you, @ms-henglu, even though I thought I'd logged in to the account with that sub ID, apparently I hadn't. Sorry to waste your time.

[rcskosir]

Thank you for taking the time to raise this! I am going to close this with @ms-henglu‘s response as an answer. If you have future questions, I suggest using the Community Resources, such as the Azure Provider forum.

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.